DOCSLIB.ORG

Threat Assessment of Malicious Code and External Attacks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Threat Assessment of Malicious Code and External Attacks Lawrence E. Bassham W. Timothy Polk U.S. DEPARTMENT OF COMMERCE Technology Administration National Institute of Standards and Technology Computer Systems Laboratory Computer Security Division Gaithersburg, MD 20899 QC 100 . U56 NIST 4939 1992 Of NISTIR 4939 C»2-> Threat Assessment of Malicious Code and External Attacks Lawrence E. Bassham W. Timothy Polk U.S. DEPARTMENT OF COMMERCE Technology Administration National Institute of Standards and Technology Computer Systems Laboratory Computer Security Division Gaithersburg, MD 20899 October 1992 U.S. DEPARTMENT OF COMMERCE Barbara Hackman Franklin, Secretary TECHNOLOGY ADMINISTRATION Robert M. White, Under Secretary for Technology NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY John W. Lyons, Director Contents 1 Introduction 1 2 Malicious Code 3 2.1 Viruses 3 2.1.1 History of Viruses 4 2.1.2 Current Protection Against Viruses 6 2.2 Worms 7 2.2.1 History of Worms 7 2.2.2 Current Protection Against Worms 9 2.3 Trends for the Future 10 3 Human Threats 11 3.1 Insider Attacks 11 3.2 Hackers 11 3.3 Phone Phreaks 13 3.4 Trends for the Future 13 3.4.1 Configuration Errors and Passwords 13 3.4.2 Internal Threats 14 3.4.3 Connectivity 14 3.4.4 Information Dissemination 15 4 Summary 17 References 19 iii 1 1 Introduction As a participant in the U.S. Army Computer Vulnerability/Survivability Study Team, the National Institute of Standards and Technology has been tasked with providing an assess- ment of the threats associated with commercial hardware and software. This document is the second and final deliverable under the Military Interdepartmental Purchase Request num- ber: W43P6Q-92-EW138. This report provides an assessment of the threats associated with malicious code and external attacks on systems using commercially available hardware and software. The history of the threat is provided and current protection methods described. A projection of the future threats for both malicious code and human threats is also given. Today, computer systems are under attack from a multitude of sources. These range from malicious code, such as viruses and worms, to human threats, such as hackers and phone “phreaks.” These attacks target different characteristics of a system. This leads to the possibility that a particular system is more susceptible to certain kinds of attacks. Malicious code, such as viruses and worms, attack a system in one of two ways, either internally or externally. Traditionally, the virus has been an internal threat, while the worm, to a large extent, has been a threat from an external source. Human threats are perpetrated by individuals or groups of individuals that attempt to penetrate systems through computer networks, public switched telephone networks or other sources. These attacks generally target known security vulnerabilities of systems. Many of these vulnerabilities are simply due to configuration errors. Certain commercial products are identified in this paper in order to adequately specify procedures being described. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology, nor does it imply that the material identified is necessarily the best for the purpose. — 3 2 Malicious Code Viruses and worms are related classes of malicious code; as a result they are often confused. Both share the primary objective of replication. However, they are distinctly different with respect to the techniques they use and their host system requirements. This distinction is due to the disjoint sets of host systems they attack. Viruses have been almost exclusively restricted to personal computers, while worms have attacked only multi-user systems. A careful examination of the histories of viruses and worms can highlight the differences and similarities between these classes of malicious code. The characteristics shown by these histories can be used to explain the differences between the environments in which they are found. Viruses and worms have very different functional requirements; currently no class of systems simultaneously meets the needs of both. A review of the development of personal computers and multi-tasking workstations will show that the gap in functionality between these classes of systems is narrowing rapidly. In the future, a single system may meet all of the requirements necessary to support both worms and viruses. This implies that worms and viruses may begin to appear in new classes of systems. A knowledge of the histories of viruses and worms may make it possible to predict how malicious code will cause problems in the future. Basic Definitions To provide a basis for further discussion, the following definitions will be used throughout the report. • Trojan Horse - a program which performs a useful function, but also performs an unexpected action as well. • Virus - a code segment which replicates by attaching copies to existing executables. • Worm - a program which replicates itself and causes execution of the new copy. • Network Worm - a worm which copies itself to another system by using common net- work facilities, and causes execution of the copy on that system. 2.1 Viruses The following are necessary characteristics of a virus: • replication • requires a host program as a carrier 4 2 MALICIOUS CODE • activated by external action • replication limited to (virtual) system In essence, a computer program which has been infected by a virus has been converted into a trojan horse. The program is expected to perform a useful function, but has the unintended side effect of viral code execution. In addition to performing the unintended task, the virus also performs the function of replication. Upon execution, the virus attempts to replicate and “attach” itself to another program. It is the unexpected and generally uncontrollable repliction that makes viruses so dangerous. Viruses are currently designed to attack single platforms. A platform is defined as the combination of hardware and the most prevalent operating system for that hardware. As an example, a virus can be referred to as an IBM-PC virus, referring to the hardware, or a DOS virus, referring to the operating system. “Clones” of systems are also included with the original platform. 2.1.1 History of Viruses The term “computer virus” was formally defined by Fred Cohen in 1983, while he performed academic experiments on a Digital Equipment Corporation VAX system. Viruses are clas- sified as being one of two types: research or “in the wild.” A research virus is one that has been written for research or study purposes and has received almost no distribution to the public. On the other hand, viruses which have been seen with any regularity are termed “in the wild.” The first computer viruses were developed in the early 1980s. The first viruses found in the wild were Apple II viruses, such as Elk Cloner, which was reported in 1981 [Den90]. Viruses have now been found on the following platforms: • Apple II • IBM PC • Macintosh • Atari • Amiga Note that all viruses found in the wild target personal computers. As of today, the over- whelming number of virus strains are IBM PC viruses. However, as of August 1989, the number of PC, Atari ST, Amiga, and Macintosh viruses were almost identical (21, 22, 18, and 12 respectively [Den90]). Academic studies have shown that viruses are possible for multi-tasking systems, but they have not yet appeared. This point will be discussed later. Viruses have “evolved” over the years due to efforts by their authors to make the code more difficult to detect, disassemble, and eradicate. This evolution has been especially apparent 2. 1 Viruses 5 in the IBM PC viruses; since there are more distinct viruses known for the DOS operating system than any other. The first IBM-PC virus appeared in 1986 [Den90]; this was the Brain virus. Brain was a boot sector virus and remained resident. In Brain was followed by Alameda Yale 1987, ( ), Cascade Jerusalem Lehigh and Miami ( South African Friday the 13th). These viruses , , , expanded the target executables to include COM and EXE files. Cascade was encrypted to deter disassembly and detection. Variable encryption appeared in 1989 with the 1260 virus. Stealth viruses, which employ various techniques to avoid detection, also first appeared in such as Zero Bug Dark Avenger and Frodo 096 or In self-modifying 1989, , fK). 1990, viruses, such as Whale were introduced. The year 1991 brought the GP1 virus, which is “network- sensitive” and attempts to steal Novell NetWare passwords. Since their inception, viruses have become increasingly complex. Examples from the IBM-PC family of viruses indicate that the most commonly detected viruses vary according to continent, but Stoned Brain Cascade and members of the Jerusalem , , , family, have spread widely and continue to appear. This implies that highly survivable viruses tend to be benign, replicate many times before activation, or are somewhat innovative, uti- lizing some technique never used before in a virus. Personal computer viruses exploit the lack of effective access controls in these systems. The viruses modify files and even the operating system itself. These are “legal” actions within the context of the operating system. While more stringent controls are in place on multi-tasking, multi-user operating systems, configuration errors, and security holes (security bugs) make viruses on these systems more than theoretically possible. This leads to the following initial conclusions: • Viruses exploit weaknesses in operating system controls and human patterns of system use/misuse. • Destructive viruses are more likely to be eradicated. • An innovative virus may have a larger initial window to propagate before it is discovered and the “average” anti- viral product is modified to detect or eradicate it. It has been suggested that viruses for multi-user systems are too difficult to write. However, Fred Cohen required only “8 hours of expert work” [Hof90] to build a virus that could penetrate a UNIX 1 system.
Recommended publications
  • A the Hacker

    A the Hacker

    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St

    Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
  • Virus Infection Techniques: Boot Record Viruses

    Virus Infection Techniques: Boot Record Viruses

    Virus Infection Techniques: Boot Record Viruses Bill Harrison CS4440/7440 Malware Analysis and Defense Reading } Start reading Chapter 4 of Szor 2 Virus Infection Techniques } We will survey common locations of virus infections: MBR (Master Boot Record) Boot sector Executable files (*.EXE, *.COM, *.BAT, etc.) } Most of the examples of these viruses, especially the first two types, are from the DOS and floppy disk era 3 Why Study Older Viruses? } Vulnerabilities remain very similar over time, along with the means to exploit them and defend against them } Modern Internet worms differ mainly in the use of the internet for transport, and are otherwise similar to older viruses } Older viruses illustrate the virus vs. antivirus battle over many generations 4 Boot-up Infections and the PC Boot-up Sequence } PC boot-up sequence: 1. BIOS searches for boot device (might be a diskette, hard disk, or CD-ROM) 2. MBR (Master Boot Record) is read into memory from the beginning of the first disk partition; execution proceeds from memory 5 Master Boot Record Structure Boot-up Sequence cont’d. 3. Beginning of MBR has tiny code called the boot- strap loader 4. Data area within MBR has the disk PT (partition table) 5. Boot-strap loader reads PT and finds the active boot partition 6. Boot-strap loader loads the first sector of the active partition into memory and jumps to it; this is called the boot sector 7 Boot-up Sequence cont’d. } MBR is always at BIOS the very first sector of the hard MBR: Expanded View MBR Boot-strap loader code (446 disk (first 512
  • Chapter 3: Viruses, Worms, and Blended Threats

    Chapter 3: Viruses, Worms, and Blended Threats

    Chapter 3 Chapter 3: Viruses, Worms, and Blended Threats.........................................................................46 Evolution of Viruses and Countermeasures...................................................................................46 The Early Days of Viruses.................................................................................................47 Beyond Annoyance: The Proliferation of Destructive Viruses .........................................48 Wiping Out Hard Drives—CIH Virus ...................................................................48 Virus Programming for the Masses 1: Macro Viruses...........................................48 Virus Programming for the Masses 2: Virus Generators.......................................50 Evolving Threats, Evolving Countermeasures ..................................................................51 Detecting Viruses...................................................................................................51 Radical Evolution—Polymorphic and Metamorphic Viruses ...............................53 Detecting Complex Viruses ...................................................................................55 State of Virus Detection.........................................................................................55 Trends in Virus Evolution..................................................................................................56 Worms and Vulnerabilities ............................................................................................................57
  • IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions

    IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions

    IBM Security Solutions May 2011 IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions Contents About the report 2 About the Report The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges 3 Evolution: From Nuisance to Weapon facing security professionals today. This report is a product of IBM Managed Security Services and the IBM X-Force 8 Prolific and Impacting Issues of Q1 2011 research and development team. Each issue focuses on specific challenges and provides a recap of the most significant recent 16 References online threats. IBM Managed Security Services are designed to help an organization improve its information security, by outsourcing security operations or supplementing your existing security teams. The IBM protection on-demand platform helps deliver Managed Security Services and the expertise, knowledge and infrastructure an organization needs to secure its information assets from Internet attacks. The X-Force team provides the foundation for a preemptive approach to Internet security. The X-Force team is one of the best-known commercial security research groups in the world. This group of security experts researches and evaluates vulnerabilities and security issues, develops assessment and countermeasure technology for IBM security products, and educates the public about emerging Internet threats. We welcome your feedback. Questions or comments regarding the content of this report should be addressed to [email protected]. 3 X-Force Threat Insight Quarterly IBM Security Solutions Evolution: From Nuisance to Weapon One of the more notable examples here is Brain3, a boot sector infector which originated in Pakistan and released in 1986, was Creeper, Wabbit, Animal, Elk Cloner, Brain, Vienna, Lehigh, one of the first examples of malware that infected PC’s running Stoned, Jerusalem.
  • What Are Kernel-Mode Rootkits?

    What Are Kernel-Mode Rootkits?

    www.it-ebooks.info Hacking Exposed™ Malware & Rootkits Reviews “Accessible but not dumbed-down, this latest addition to the Hacking Exposed series is a stellar example of why this series remains one of the best-selling security franchises out there. System administrators and Average Joe computer users alike need to come to grips with the sophistication and stealth of modern malware, and this book calmly and clearly explains the threat.” —Brian Krebs, Reporter for The Washington Post and author of the Security Fix Blog “A harrowing guide to where the bad guys hide, and how you can find them.” —Dan Kaminsky, Director of Penetration Testing, IOActive, Inc. “The authors tackle malware, a deep and diverse issue in computer security, with common terms and relevant examples. Malware is a cold deadly tool in hacking; the authors address it openly, showing its capabilities with direct technical insight. The result is a good read that moves quickly, filling in the gaps even for the knowledgeable reader.” —Christopher Jordan, VP, Threat Intelligence, McAfee; Principal Investigator to DHS Botnet Research “Remember the end-of-semester review sessions where the instructor would go over everything from the whole term in just enough detail so you would understand all the key points, but also leave you with enough references to dig deeper where you wanted? Hacking Exposed Malware & Rootkits resembles this! A top-notch reference for novices and security professionals alike, this book provides just enough detail to explain the topics being presented, but not too much to dissuade those new to security.” —LTC Ron Dodge, U.S.
  • Reversing Malware [Based on Material from the Textbook]

    Reversing Malware [Based on Material from the Textbook]

    SoftWindows 11/23/05 Reversing Malware [based on material from the textbook] Reverse Engineering (Reversing Malware) © SERG What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Reverse Engineering (Reversing Malware) © SERG Reversing Malware • Revering is the strongest weapon we have against the creators of malware. • Antivirus researchers engage in reversing in order to: – analyze the latest malware, – determine how dangerous the malware is, – learn the weaknesses of malware so that effective antivirus programs can be developed. Reverse Engineering (Reversing Malware) © SERG Distributed Objects 1 SoftWindows 11/23/05 Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Reverse Engineering (Reversing Malware) © SERG Typical Purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Reverse Engineering (Reversing Malware) © SERG Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Reverse Engineering (Reversing Malware) © SERG Distributed Objects 2 SoftWindows 11/23/05 Viruses • Viruses are self-replicating programs that usually have a malicious intent.
  • Virus Bulletin, July 91

    Virus Bulletin, July 91

    July 1991 ISSN 0956-9979 THE AUTHORITATIVE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Edward Wilding Technical Editor: Fridrik Skulason, University of Iceland Editorial Advisors: Jim Bates, Bates Associates, UK, Phil Crewe, Fingerprint, UK, David Ferbrache, ISIS Ltd., UK, Ray Glath, RG Software Inc., USA, Hans Gliss, Datenschutz Berater, West Germany, Ross M. Greenberg, Software Concepts Design, USA, Dr. Harold Joseph Highland, Compulit Microcomputer Security Evaluation Laboratory, USA, Dr. Jan Hruska, Sophos, UK, Dr. Keith Jackson, Walsham Contracts, UK, Owen Keane, Barrister, UK, John Laws, RSRE, UK, David T. Lindsay, Digital Equipment Corporation, UK, Yisrael Radai, Hebrew University of Jerusalem, Israel, Martin Samociuk, Network Security Management, UK, John Sherwood, Sherwood Associates, UK, Prof. Eugene Spafford, Purdue University, USA, Dr. Peter Tippett, Certus International Corporation, USA, Dr. Ken Wong, PA Consulting Group, UK, Ken van Wyk, CERT, USA. CONTENTS SCANNER UPDATE IBM Triumphs Amidst the ‘Vapourware’ 34 EDITORIAL 2 Results Table 35 TECHNICAL NOTES 3 TUTORIAL PRODUCT REVIEWS Fixed Disk Boot Sectors and 1. SafeWord Virus-Safe 36 Post-Attack Recovery 5 2. Knoxcard: Anti-Virus Hardware 38 Virus Bulletin Education, Training & Awareness Presentations 9 3. Trend Micro Devices’ PC-cillin 40 LETTERS SHAREWARE REVIEW VB Signatures With IBM’s Virscan 10 PC Virus Index 42 Vetting Procedure 10 KNOWN IBM PC VIRUSES 12 END-NOTES & NEWS 44 VIRUS BULLETIN ©1991 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139. /90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.
  • Topics in Malware What Is Malware?

    Topics in Malware What Is Malware?

    Topics in Malware What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Typical purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Metamorphic viruses • Instead of encrypting the program’s body and making slight alterations in the decryption engine, alter the entire program each time it is replicated. • This makes it extremely difficult for antivirus writers to use signature-matching techniques to identify malware. • Metamorphism requires a powerful code analysis engine that needs to be embedded into the malware. Metamorphic viruses: Operation • Metamorphic engine scans the code and generates a different version of it every time the program is duplicated. • The metamorphic engine performs a wide variety of transformations on the malware and on the engine itself.
  • Cyber Crime the Threat to Small and Medium Sized Businesses Cyber Crime: What Does It Mean for You?

    Cyber Crime the Threat to Small and Medium Sized Businesses Cyber Crime: What Does It Mean for You?

    Cyber Crime The threat to small and medium sized businesses Cyber Crime: What does it mean for you? Technology is at the core of our cyber criminals to gain control over It’s critical that you are up-to-speed everyday lives, so much so that for the computer systems of a large on what criminals are doing and – many of us it’s difficult to remember entertainment corporation while more importantly – what you can a time without mobile phones, hackers were able to gain access do to minimise the likelihood of computers, email and the internet. to millions of a global eCommerce becoming the victim of these types company’s customer records. of attacks. To that end, we also focus These innovations have changed the on educating our customers, which is way we connect with one another, What might be surprising, however, why, in addition to online resources1 both on a personal and business is that in their most recent Internet we’ve developed this overview to level. Technology has played a key Security Threat Report, Symantec give you a snapshot of the cyber role in how the world economy found that 60% of all targeted crime landscape in general, as well has evolved over the course of attacks were levelled against as in terms of specific threats to the last decade, but it’s also given small and medium-sized (SME) small and medium sized businesses criminals new tools for gaining businesses. One reason for this is like yours. In the pages that follow access to information and funds.
  • Chapter 2 the Hacker Group R

    Chapter 2 the Hacker Group R

    Chapter 2 The hacker group R. Gevers CHAPTER OUTLINE Introduction 15 The hacker as social reformer 16 The hacker as combatant 17 The hacker group 19 Disciplines 20 Conclusions 39 n INTRODUCTION Since the information revolution the Internet has been a driving force behind many—if not most—social reforms. From the 1% marches to the Arab Spring: The Internet was used to fuel, coordinate, and facilitate protests. The Internet turned out to be a safe haven for liberal thinkers and was used to establish contacts with other like-minded individuals at the other end of the globe. The global nature of the Internet makes (targeted) communica- tion accessible to anyone. This was at the core of many great revelations: WikiLeaks being the first, The Intercept and Edward Snowden following quickly. In the early days the Internet was a safe haven for free thinkers; there was no censorship and no laws were directly applicable. This opened up opportuni- ties on the Internet to influence governments and their laws. However, this situation has changed: The Internet has become securitized and militarized. Whereas the Internet used to be a place aimed at free and unhindered flow of information and ideas, now it is increasingly influenced by State actors and large non-State actors. Whereas any individual could tread onto the Internet and fight for a cause, nowadays you need to tread carefully. 15 Cyber Guerilla Copyright © 2016 Elsevier Inc. All rights reserved. 16 CHAPTER 2 The hacker group Chapter 1 has described the essence of cyber guerilla strategy, tactics, and the concepts of favorable and unfavorable terrain.
  • Computer Viruses--A Form of Artificial Life?

    Computer Viruses--A Form of Artificial Life?

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Purdue E-Pubs Purdue University Purdue e-Pubs Department of Computer Science Technical Reports Department of Computer Science 1990 Computer Viruses--A Form of Artificial Life? Eugene H. Spafford Purdue University, [email protected] Report Number: 90-985 Spafford, Eugene H., "Computer Viruses--A Form of Artificial Life?" (1990). Department of Computer Science Technical Reports. Paper 837. https://docs.lib.purdue.edu/cstech/837 This document has been made available through Purdue e-Pubs, a service of the Purdue University Libraries. Please contact [email protected] for additional information. COMPUTER YmUSES-A FORM OF ARTIFICIAL LIFE? Eugene H. Spalford CSD·TR·985 June 1990 Computer Viruses-A Form of Artificial Life? * Technical Repor~ CSD-TR-985 Eugene H. SpaJford Software Engineering Research Center Department of Computer Science Purdue University West Lafayette, Indiana 47907-2004 (317) 494-7825 [email protected] June 8, 1990 1 Introduction There has been con5id~rable interest of late in computer viruses. One aspect of this interest has been to ask if computer viruses are a form of artificial life, and what that might imply. This paper is a condensed, high-Ievell' description ofcomputer viruses­ their history, structure, and how they relate to some properties that might derme artificial life. It provides a general introduction to the topic without requiring an extensive background in computer science. The interested reader might pursue [9, I, 2] and [5] for more detail about computer viruses and their properties. The description in this paper of the origins of computer viruses and their structure is taken from [9].